Cybersecurity News

NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation

The maintainers of the NGINX web server project have issued mitigations to address security weaknesses in its Lightweight Directory Access Protocol Reference Implementation.

“NGINX Open Source and NGINX Plus are not themselves affected, and no corrective action is necessary if you do not use the reference implementation,” Liam Crilly and Timo Stark of F5 Networks said in an advisory published Monday.

NGINX said that the reference implementation, which uses LDAP to authenticate users, is impacted only under three conditions if the deployments involve -.

Command-line parameters to configure the Python-based reference implementation daemon.

Specific group membership to carry out LDAP authentication.

The maintainers also stressed that the LDAP reference implementation mainly “Describes the mechanics of how the integration works and all of the components required to verify the integration” and that “It is not a production?grade LDAP solution.”

Stay on Top of Cyber Threats!
Subscribe to our monthly bulletin to stay updated on major cybersecurity risks.

Recent Cybersecurity News

Tell us about your needs.
Get an answer the same business day.

Tell us about your needs.
Get an answer the same business day.

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project's scope
  • You get an all-inclusive, no engagement proposal

No engagement. We answer within 24h.
Scroll to Top

BOOK A MEETING WITH AN EXPERT

Enter Your Corporate Email